What is reverse proxy and how to distinguish reverse proxy from forward proxy?

Source: Internet
Author: User

Turn: http://blog.csdn.net/shixing_11/article/details/7106241

I have always had no idea how to understand the reverse direction of the reflection proxy. After Baidu knows it, I finally figured out a little bit by combining the following figure. To put it simply, the forward direction is from a LAN to the server, and the reverse direction is from the client to a LAN.

Concept:

The reverse proxy method is to use a proxy server to accept connection requests from the Internet, and then forward the requests to the server on the internal network, return the result obtained from the server to the Client Requesting connection from the Internet. The proxy server is displayed as a server.

Overview:

Generally, the proxy server is only used to proxy internal network connection requests to the Internet. The client must specify the proxy server and send the HTTP requests that were originally sent directly to the Web server to the proxy server. Because hosts on the external network do not configure and use this proxy server, the common proxy server is also designed to search for multiple uncertain servers on the Internet, instead of accessing a fixed server for requests from multiple clients on the Internet, the common Web Proxy server does not support external access requests to the internal network. When a proxy server can proxy hosts on the external network and access the internal network, this proxy service is called reverse proxy service. In this case, the proxy server acts as a Web server, and the external network can simply treat it as a standard Web server without specific configuration. The difference is that this server does not store the real data of any web pages, and all static web pages or CGI programs are stored on internal web servers. Therefore, the attack on the reverse proxy server does not damage the webpage information, which enhances the security of the Web server.
There is no conflict between the reverse proxy mode and the packet filtering mode or the normal proxy mode. Therefore, you can use both methods in the firewall device. The reverse proxy is used when the external network accesses the internal network, forward proxy or packet filtering is used to deny other external access methods and provide internal network access to external networks. Therefore, we can combine these methods to provide the best security access method.

Why is reverse:

However, this does not explain why it is called reverse, in principle. the proxy server processes requests from the client and forwards the requests to the target server. Therefore, the proxy server does not work in reverse order, the following figure shows why reverse proxy is called reverse proxy.

By the way, in terms of structure, the two sides of the forward proxy and reverse proxy are changed. The client of the original Proxy Server comes from the Intranet. it and the proxy server form a LAN, and after the reverse proxy. the proxy server and the server form a group. so from the perspective of structure, it is a reverse. From the English perspective, the word "reverse" contains the flip meaning, which means the reverse on the structure diagram, but due to the translation relationship. in Chinese, it becomes a reverse proxy. in fact, proxy has not done anything different from before. it still forwards requests from the client to the actual client ., today, due to the extensive use of CDN, the servers behind reverse proxy use actual IP addresses to adapt to this cross-network architecture. in this way, it is more difficult for everyone to have a clear answer to the question "What does reverse proxy actually mean.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.